Has Norton Password Manager Been Hacked

0 views

Skip to first unread message

Daria

unread,

Aug 3, 2024, 5:28:05 PM8/3/24

to gritysunprom

The notifications to customers of NortonLifeLock advise that hackers are successfully gaining access to Norton Password Manager accounts. However, it is claimed that the attacks were not caused by weak security in the Norton Password Manager systems, but instead via a third-party platform.

"Our own systems were not compromised. However, we strongly believe that an unauthorized third-party knows and has utilized your username and password for your account," the firm said in notices to customers, according to a letter sample shared with the Office of the Vermont Attorney General seen by BleepingComputer.

Specifically, the breach is known as a credential-stuffing attack, where an attacker acquires data from other sources, such as account compromises on other platforms, to try and gain access to the intended target.

In this instance, Norton saw detected an "unusually large volume" of failed login attempts on December 12, which usually indicates attempts at credential stuffing attacks. An internal investigation that ran until December 22 discovered that the attacks started from December 1, and that a number of accounts were successfully compromised.

While the number of affected accounts were not revealed, a statement from NortonLifeLock parent company Gen Digital revealed that approximately 925,000 inactive and active accounts could've been targeted in the attack.

Customers are warned in the notification that attackers may have obtained details stored in private vaults, which could lead to further compromises. Attackers may also have seen the account's first name, last name, phone number, and mailing address.

Norton has since reset passwords on impacted accounts, introduced additional measures to fend off attacks, and advises customers to enable two-factor authentication on their accounts. It also offers the use of a credit monitoring service.

In December, LastPass confirmed that an August data breach involved names, addresses, and encrypted password data vaults. By late December, it was claimed that the vaults were potentially crackable for just $100.

"...a statement from NortonLifeLock parent company Gen Digital revealed that approximately 925,000 inactive and active accounts could've been targeted in the attack." Glad I haven't used Norton on personally owned computers. Also, haven't used anything Norton in more than 10+ years on company owned computers (used competing brands during that timeframe). Never used 1Password (or any other 3rd party password manager). May be a good argument to phase out passwords in favor of passkeys (will start investigating passkeys).

Have noticed a large increase in spam emails starting about a week before Christmas. Wondering if a different database was hacked, or some company or companies running low on cash has been selling email addresses in a bid to make money.

The last time I used Norton software was to use Norton SI to see the performance improvement achieved by tweaking the memory wait states on my 4.77 MHz Intel 8088 PC. I think it bumped the SI benchmark from a 1.0 to a 1.2. Swapping out the Intel 8088 for an NEC V20 gave me a little more bump-up, but still in the 1.x range. Imagine anything today with a benchmark of 1.

I think the dinosaurs were starting their rapid descent into extinction around the same time.

Password re-use is the most likely vector for the ne'er-do-wells gaining access to the NortonLifeLocker systems. Which makes it painfully obvious that a large portion of the userbase does not and will never understand the point of a password manager.

A customer notice from Gen Digital, Norton's parent company, claimed that the breach was likely the result of a credential stuffing attack, where threat actors use lists of previously exposed passwords to hack into numerous accounts used by victims, on the presumption that they will have used the same password for multiple services.

The notices were sent to over 6,000 customers whose accounts had been hacked. Gen Digital stated that hackers may have ascertained personal information from hacking into customer accounts, such as names, phone numbers and addresses. Passwords stored using the password manager feature may also have been accessed, with Gen Digital cautioning this could not be ruled out.

LifeLock is an identify theft protection platform by Norton, the company best known for its once market leading antivirus software. It also comes bundled with the company's security suite Norton 360.

As Gen Digital itself recommends, multi-factor authentication is essential for keeping safe, by making sure it is actually you who is trying to access your account. It works by sending a verification prompt or code to another one of your devices, such as your smartphone, via SMS or a dedicated authenticator app, when a login is attempted on your account.

LifeLock's password manager isn't alone in suffering a potential breach. LastPass has been having a torrid time since its customer's password vaults were stolen last year, despite assuring customers that the passwords remained encrypted.

Lewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks. His area of expertise lies in computer peripherals and audio hardware, having spent over a decade exploring the murky depths of both PC building and music production. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience."}), " -0-10/js/authorBio.js"); } else console.error('%c FTE ','background: #9306F9; color: #ffffff','no lazy slice hydration function available'); Lewis MaddisonSocial Links NavigationReviews WriterLewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks. His area of expertise lies in computer peripherals and audio hardware, having spent over a decade exploring the murky depths of both PC building and music production. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience.

Norton is a well-known antivirus company that's been offering antivirus software and services to customers since 1990. The Norton Lifelock service is a password manager technology that also comes with alert tools and identity monitoring solutions. The password protection service is supposed to be a reliable way to store confidential information, but the service was breached for several users in December 2022.

The individuals that attempted to attack Norton LifeLock accounts purchased large lists of login information and attempted to access as many accounts as possible. While inputting the login information, the users were able to get access to many LifeLock accounts, where additional information could be harvested.

The Norton LifeLock data breach occurred on December 1, 2022. At that time, an individual attempted to get into LifeLock customer accounts to take control of all their account information. Norton didn't verify that attacks had actually occurred until December 22, 2022.

Norton didn't release a count for the number of accounts that were accessed due to this data breach, but a large number of accounts were compromised in the attack. Anyone that is suspected of having been compromised will receive a notification from Norton. If you receive a letter from the company about this breach, you should take immediate action to freeze your credit account, and begin changing passwords to your important accounts.

Cisco Duo is an access security provider that offers solutions for small business and commercial control products, including multi-factor authentication (MFA), single sign-on, and access control services....

The CISA collaborates with other government agencies to notify victims of breaches and respond to threats. These include the Federal Bureau of Investigation, the Multi-State Information Sharing & Analysis...

1Password has easy-to-use, polished apps that work on Windows PCs, Macs, Chromebooks, iPhones, iPads, Android devices, and the major web browsers. The Watchtower feature helps you identify and change weak, reused, or compromised passwords, and 1Password walks you through correcting these problems in clear, digestible language. 1Password uses strong encryption and good security practices, which sometimes leads to tedious interactions.

Thorin Klosowski has spent a decade writing about technology, with a focus on software for many of those years. He has written about privacy and security for the bulk of that time and has tested countless password managers.

Andrew Cunningham spent years testing, reviewing, and otherwise writing about computers, phones, operating systems, apps, and other gadgets for AnandTech, Ars Technica, and Wirecutter. He has been building, upgrading, and fixing PCs for more than 15 years, and he spent five of those years in IT departments buying and repairing laptops and desktops as well as helping people buy the best hardware and software for their needs.

Passwords are as annoying as they are necessary, and a good password manager can keep you secure while making it easier to juggle the sheer number of passwords you need to be a person on the internet. Using a password manager is one of the most important things you can do to protect yourself online, aside from using multi-factor authentication and keeping your operating system and web browser up to date. If any of your passwords are weak and easy to guess, if you reuse any of your passwords across multiple sites, or if the sites you use are ever hacked and your account is compromised, you risk losing access to your accounts and your data. In fact, if you reuse passwords, chances are good that your password is already out there. You can even check to see if your email address or password has been involved in a data breach.